General
Target: 3f1165d54ebadca8bc5a8422eb29a2aa.exe
Size: 1.4MB
Sample: 210317-rlxsa11vj6
MD5: 3f1165d54ebadca8bc5a8422eb29a2aa
SHA1: e841505df16313ff99545f56324141fd752aeb8e
SHA256: cd7174bf2b72b9b2d5df6a88f19c5befcab108641e2db7e7bc2190d5849d2463
SHA512: 16840e628d01c4c50368f1567a687b2f5b58824df84d6f7cfc089a60b749b4fc0b97bfdf4d8fcd0926fa2f25e5b77c31504724ba42d66b6486238609115e3997
Static task: static1
Behavioral task: behavioral1
Sample: 3f1165d54ebadca8bc5a8422eb29a2aa.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 3f1165d54ebadca8bc5a8422eb29a2aa.exe
Resource: win10v20201028
Malware Config
Targets
Target: 3f1165d54ebadca8bc5a8422eb29a2aa.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext